To meet client demands, computing environments should be scalable, available and manageable. Technologies referred to generally as “clustering” aim to address such concerns. A “cluster” may be defined as a group of independent computers that work together to run a common set of applications and that provide an image of a single system to a client and application. More generally, a cluster may be defined as a set of resources, made available to users and presented as a unified entity to the users.
While client users may not be aware that a cluster exists, they expect server-based resources (e.g., applications and data) to be readily available. To meet such expectations, an administrator should be able to scale and manage cluster resources. Developers can also play a role by developing applications that appear unified to a client yet “cluster-aware” to an administrator.
In a client-server cluster architecture, when overall load for a cluster-aware application exceeds resource capabilities of a cluster (e.g., CPU, disk space, I/O capacity, bandwidth), scalability addresses the ability to add resources to the cluster (e.g., scale up and/or scale out). For example, formerly, administrators that desired future system expansion capability needed to make up-front commitments to expensive, high-end servers that provided space for additional CPUs, drives, and memory. With clustering and cluster-aware applications, administrators can add resources as needed to meet, for example, overall processing power requirements.
With respect to high availability, when a component or an application in a cluster fails, cluster software should respond, for example, by restarting the failed application or dispersing work from the failed component to another component in the cluster. With respect to manageability, clustering technologies often provide a graphical console with tools, for example, to facilitate moving applications and data within the cluster to different servers. Such a clustering feature can be used, for example, to manually balance workloads and to unload servers for planned maintenance without downtime.
A clustering technology known as network load balancing (NLB) includes aspects of scalability, availability and manageability. NLB provides for strategic distribution of client requests or TCP/IP traffic to appropriate resources in a cluster. Some commercially available clustering technologies provide for NLB in a cluster around 30 hosts (e.g., servers). NLB may be achieved via hardware (e.g., a NLB device) or via software (e.g., NLB software running on one or more devices). A NLB scheme often presents a common “virtual” IP address for an entire cluster and transparently partitions client requests across the multiple servers in the cluster. NLB provides high availability and high scalability to the Internet applications.
Some NLB techniques use a “heartbeat” to detect machine failures. For example, a heartbeat between nodes can contain resource health information to enable the cluster to determine the level of failure and amount of fail over required. If a failure occurs, an NLB algorithm can direct workload to healthy machine. NLB may perform automatic load balancing of session based traffic and allow for easy addition of hosts to a cluster.
Where a cluster requires security, load balancing can become problematic. For example, a Kerberos security protocol can provide server authentication to a given client by the means of a trusted 3rd party (Key Distribution Center—KDC) where the client, instead of authenticating to a given server, it authenticates to a group of servers. This group of servers shares a group key dynamically. The group key is randomly generated on the fly, and then encrypted with the server's long term key. Using this technique, there are many copies of the same group key in the encrypted form, one copy encrypted by the key of each server in this server group. In a cluster, a group of computers may service requests directed to a virtual computer (e.g., a “virtual” server). For example, a sever cluster may be accessed through a virtual IP address that fronts real IP addresses. In such an example, routing of the requests from a virtual server (e.g., a virtual node) to a real computer (a real node) can be achieved by either hardware or software. Combining security and load balancing technologies poses a problem in terms of Kerberos authentication, especially where routing is via a hardware device that only provides routing support.
As described herein, various technologies address security in a computing environment that relies on load balancing.